modified: README.md

modified:   deploy/README.md
renamed:    deploy/rbac.yaml -> deploy/cicd-rbac.yaml

.gitea/actions/kubectl-setup/action.yml

@@ -1,45 +0,0 @@
-name: Setup kubectl
-description: "Reads kube config from inputs and sets KUBECONFIG"
-
-inputs:
-  kube_server:
-    description: "Kubernetes API server address"
-    required: true
-  kube_ca_base64:
-    description: "Base64-encoded CA certificate"
-    required: true
-  kube_token:
-    description: "ServiceAccount token"
-    required: true
-
-runs:
-  using: "composite"
-  steps:
-    - name: Create kubeconfig
-      shell: bash
-      run: |
-        set -euo pipefail
-        mkdir -p "${GITHUB_TEMP}/.kube"
-
-        cat <<EOF > "${GITHUB_TEMP}/.kube/config"
-        apiVersion: v1
-        kind: Config
-        clusters:
-        - cluster:
-            certificate-authority-data: ${{ inputs.kube_ca_base64 }}
-            server: ${{ inputs.kube_server }}
-          name: cluster
-        contexts:
-        - context:
-            cluster: cluster
-            namespace: default
-            user: user
-          name: context
-        current-context: context
-        users:
-        - name: user
-          user:
-            token: ${{ inputs.kube_token }}
-        EOF
-
-        echo "KUBECONFIG=${GITHUB_TEMP}/.kube/config" >> "${GITHUB_ENV}"

.gitea/workflows/deploy.yaml

@@ -3,33 +3,46 @@ name: Casa Home Assistant CI/CD Pipeline
 on:
   push:
     branches:
+      - fix/*
       - main
+      - master
   pull_request:
+  schedule:
+    - cron: '0 16 * * 0' # every sunday 4 pm
 
 jobs:
-  build:
-    runs-on: mf-casa-vlan-cid-runner
+  deploy:
+    runs-on: casa-vlan-cicd
+    env:
+      GITHUB_TEMP: ${{ runner.temp }}
+      
     steps:
+
       - name: Checkout code
         uses: actions/checkout@v3
 
+      - name: Fetch limbo public actions
+        env: 
+          RUNNER_TEMP: "${{ runner.temp }}"
+          WORKSPACE: "${{ gitea.workspace }}"
+        run: |
+          curl -fsSL https://git.limbosolutions.com/kb/gitea/raw/branch/main/cloud-scripts/setup-limbo-actions.sh | bash 2>&1
+
       - name: Setup kubectl
-        uses: ./.github/actions/kubectl-setup
+        uses: ./.gitea/limbo_actions/kubectl-setup
         with:
-          kube_server: ${{ secrets.casa_vlan_kube_server }}
-          kube_ca_base64: ${{ secrets.casa_vlan_kube_ca_base64 }}
-          kube_token: ${{ secrets.casa_vlan_kube_token }}
+          kube_server: ${{ secrets.CASA_VLAN_KUBE_SERVER }}
+          kube_ca_base64: ${{ secrets.CASA_VLAN_KUBE_CA_BASE64 }}
+          kube_token: ${{ secrets.CASA_VLAN_KUBE_TOKEN }}
          
       - name: Deploy Home Assistant
         shell: bash
+        env:
+          ENDPOINT_IP: "${{ secrets.CASA_HOMEASSISTANT_ENDPOINT_IP }}"
+          SERVICE_PORT: "${{ secrets.CASA_HOMEASSISTANT_ENDPOINT_SERVICE_PORT }}"
+          INGRESS_ROUTES_MATCH: "${{ secrets.CASA_HOMEASSISTANT_INGRESS_ROUTES_MATCH }}"
+          INGRESS_TLS_SECRET_NAME: "${{ secrets.CASA_HOMEASSISTANT_INGRESS_TLS_SECRET_NAME }}"
         run: |
-          set -e
-          cd ${{ gitea.workspace }}
-          export ENDPOINT_IP="${{ secrets.ENDPOINT_IP }}"
-          export SERVICE_PORT=${{ secrets.SERVICE_PORT }}
-          export INGRESS_ROUTES_MATCH="${{ secrets.INGRESS_ROUTES_MATCH }}"
-          export INGRESS_TLS_SECRET_NAME=${{ secrets.INGRESS_TLS_SECRET_NAME }}
-          kubectl apply -f ./deploy/deployment.yaml
-          envsubst < ./deploy/service.template.yaml | kubectl apply -f -
-            
+          kubectl apply -f ./deploy/deployment.yaml \
+          && envsubst < ./deploy/service.template.yaml | kubectl apply -f -
             

README.md

@@ -2,10 +2,9 @@
 
 Welcome to my Home Assistant setup repository.  
 This repository documents and maintains the Home Assistant instance running in my home, hosted on casa server k3s cluster.  
-All essential containers, such as MQTT and speech recognition, are hosted on the same server for seamless integration.  
+Related containers, such as MQTT and speech recognition, are hosted on same cluster.  
 
-<!-- omit in toc -->
-## Table of Contents
+**Table of Contents:**
 
 - [Devices](#devices)
   - [Broadlink - RM4 Pro](#broadlink---rm4-pro)

deploy/README.md

@@ -44,8 +44,8 @@ All Environment variables requirements as set as secrets.
 
 [gitea workflow](../.gitea/workflows/deploy.yaml)
 
-## RBAC
+## cicd RBAC
 
 ```bash { cwd=../ }
-kubectl apply -f ./deploy/rbac.yaml
+kubectl apply -f ./deploy/cicd-rbac.yaml
 ```

deploy/deployment.yaml

@@ -33,14 +33,15 @@ spec:
     spec:
       dnsPolicy: ClusterFirstWithHostNet # ensures pod uses cluster DNS (CoreDNS) for service discovery even with host networking
       hostNetwork: true
-      #  delays start so host have time to start on low memory resources
-      # initContainers:
-      #   - name: delay-start
-      #     image: busybox:latest
-      #     command: ["sh", "-c", "sleep 60"]
+      nodeName: casa # force deploy to master node cluster
+      tolerations:
+        - key: "node-role.kubernetes.io/control-plane" # allow installation on control-plane
+          operator: "Exists"
+          effect: "NoSchedule"
       containers:
         - name: home-assistant
           image: "homeassistant/home-assistant"
+          imagePullPolicy: Always
           env:
             - name: TZ
               value: Europe/Lisbon  # set timezone